Thursday , April 3 2025

infosecbulletin

WinRAR zero-day exploited since April to hack trading accounts

Traders are falling victim to cybercriminals who are leveraging a zero-day vulnerability in WinRAR, the long-standing shareware archiving tool for Windows, in order to pilfer funds. In June, the cybersecurity company Group-IB made a remarkable discovery – a vulnerability that impacts how WinRAR handles the ZIP file format. Hackers are …

Read More »

Kali Linux 2023.3 released: redesign NetHunter ,9 new tools, and more!

The newly released Kali Linux 2023.3 is here, bringing along with it an impressive array of nine brand new tools and internal enhancements. It’s time to download and discover all the exciting features this latest version has to offer. Kali Linux stands as an exceptional Linux distribution designed specifically for …

Read More »

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisories . These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-234-01 Hitachi Energy AFF66x ICSA-23-234-02 Trane Thermostats ICSA-23-234-03 Rockwell Automation ThinManager ThinServer ICSA-23-138-02 Mitsubishi Electric MELSEC WS Series (Update A) CISA encourages users and administrators to review the newly released ICS …

Read More »

G20 digital ministers sign up for Digital Public Infrastructure push

The G20 ministers for the digital economy met in India and proposed a Framework for Systems of Digital Public Infrastructure (DPI). The Framework comprises three elements: Interoperable and reusable digital systems and applications, such as software codes, protocols, and standards, have revolutionized technology by offering versatility and adaptability across various …

Read More »

52 companies apply for licences for digital bank

A whopping 52 companies, both domestic and foreign, have submitted applications for licensed digital banking establishments. The following entities are part of this list: commercial banks, mobile financial services (MFS), ride-sharing platforms, food delivery companies, IT service providers, pharmaceutical companies, and both domestic and multinational corporations. ALSO READ: Major vulnerabilities …

Read More »

Major vulnerabilities discovered in data center solutions

Two widely used data center solutions, CyberPower’s PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe’s iBoot Power Distribution Unit (PDU), have been found to have significant security vulnerabilities by researchers. By exploiting these vulnerabilities consecutively, an attacker could obtain complete control over these systems, giving them the ability …

Read More »

TeamTNT Using NVIDIA Drivers to Mine Cryptocurrency

Kubernetes deployments have been targeted by attackers as a means to compromise the cloud environment to control workloads and harness the power of the cloud to conduct unauthorized tasks. Earlier research has highlighted how the TeamTNT threat group conducts attacks against large-scale Kubernetes deployments. ALSO READ: 2023 Threat Report: Social …

Read More »

Banglalink, VEON apply for digital banking licence

Banglalink, the third-largest telecom operator in Bangladesh, has recently applied for a digital banking license along with its parent company, VEON Ltd. ALSO READ: Dutch-Bangla Bank to invest in digital bank The group aims to expedite Banglalink’s entry into the fintech industry by obtaining a digital banking license. Banglalink announced …

Read More »